Trojan.Downloader.Agent.BBC

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 11,883
Threat Level: 80 % (High)
Infected Computers: 1,700
First Seen: August 10, 2021
Last Seen: April 25, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Downloader.Agent.BBC
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Microsoft Corporation
File Description
  • Microsoft Setup Bootstrapper
File Version
  • 12.0.4518.1014
  • 1.00
  • 1.0.0.0
Internal Name
  • setup.exe
  • TJprojMain
Legal Copyright
  • © 2006 Microsoft Corporation. All rights reserved.
Legal Trademarks1
  • Microsoft® is a registered trademark of Microsoft Corporation.
Legal Trademarks2
  • Windows® is a registered trademark of Microsoft Corporation.
Original File Name
  • setup.exe
Original Filename
  • setup.exe
  • TJprojMain.exe
Product Name
  • Microsoft Setup Bootstrapper
  • Project1
Product Version
  • 12.0.4518.1014
  • 1.00
  • 1.0.0.0

File Traits

  • 2+ executable sections
  • big overlay
  • HighEntropy
  • Installer Manifest
  • Installer Version
  • x86

Block Information

Total Blocks: 2,017
Potentially Malicious Blocks: 398
Whitelisted Blocks: 1,611
Unknown Blocks: 8

Similar Families

  • Bancteian.B
  • Banker.FD
  • Downloader.Agent.BBC

Files Modified

File Attributes
\device\namedpipe\toserveradvinst_extract_c:\users\user\downloads\61acbf4c4524c9347a82a1f592937b4cca163e73_0008878886 Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\icsys.ico.exe Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\local\temp\setupexe(202511062220501658).log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\setupexe(20251127141648ae8).log Generic Write,Read Attributes
c:\users\user\appdata\local\temp\setupexe(2026042409122021f0).log Generic Write,Read Attributes
c:\users\user\appdata\roaming\microsoft\direct x 13.0.2.4\install\teste.msi Generic Write,Read Attributes
c:\users\user\downloads\b1e2b609d85c83bcf35b27ed0f85f14cd15872f6_0003763043 Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\downloads\b1e2b609d85c83bcf35b27ed0f85f14cd15872f6_0003763043 Synchronize,Write Attributes
c:\windows\64dfe9 Generic Write,Read Attributes

Registry Modifications

Key::Value Data API Name
HKLM\software\microsoft\windows\currentversion\policies\system::consentpromptbehavioradmin RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::enablelua RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\policies\system::promptonsecuredesktop RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\explorer\advanced::hidden RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusoverride RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::antivirusdisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalldisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::firewalloverride RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::updatesdisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center::uacdisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusoverride RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::antivirusdisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalldisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::firewalloverride RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::updatesdisablenotify RegNtPreCreateKey
HKLM\software\wow6432node\microsoft\security center\svc::uacdisablenotify RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings::globaluseroffline RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::enablefirewall RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::donotallowexceptions RegNtPreCreateKey
HKLM\system\controlset001\services\sharedaccess\parameters\firewallpolicy\standardprofile::disablenotifications RegNtPreCreateKey

66 additional registry modifications are not displayed above.

Windows API Usage

Category API
User Data Access
  • GetComputerName
  • GetUserName
  • GetUserObjectInformation
Process Manipulation Evasion
  • NtUnmapViewOfSection
  • ReadProcessMemory
Process Shell Execute
  • WinExec
Other Suspicious
  • SetWindowsHookEx
Anti Debug
  • IsDebuggerPresent
  • NtQuerySystemInformation
  • OutputDebugString

Shell Command Execution

c:\users\user\downloads\b1e2b609d85c83bcf35b27ed0f85f14cd15872f6_0003763043
